📄 encryptunit.pas
字号:
with AttachData^ do
begin
_LoadLibrary := _GetProcAddress(dwKernel32, szLoadLibrary);
_FreeLibrary := _GetProcAddress(dwKernel32, szFreeLibrary);
_ExitProcess := _GetProcAddress(dwKernel32, szExitProcess);
_GetModuleHandle := _GetProcAddress(dwKernel32, szGetModuleHandle);
_lstrlen := _GetProcAddress(dwKernel32, szlstrlen);
hLibUser32 := _LoadLibrary(szLibUser32); //载入user32.dll
hLibGDI32 := _LoadLibrary(szLibGDI32); //载入gdi32.dll
//***获取user32.dll中的一些API
_GetMessage := _GetProcAddress(hLibUser32, szGetMessage);
_TranslateMessage := _GetProcAddress(hLibUser32, szTranslateMessage);
_DispatchMessage := _GetProcAddress(hLibUser32, szDispatchMessage);
_GetSystemMetrics := _GetProcAddress(hLibUser32, szGetSystemMetrics);
_PostMessage := _GetProcAddress(hLibUser32, szPostMessage);
_SendMessage := _GetProcAddress(hLibUser32, szSendMessage);
_ShowWindow := _GetProcAddress(hLibUser32, szShowWindow);
_UpdateWindow := _GetProcAddress(hLibUser32, szUpdateWindow);
_LoadCursor := _GetProcAddress(hLibUser32, szLoadCursor);
_LoadIcon := _GetProcAddress(hLibUser32, szLoadIcon);
_PostQuitMessage := _GetProcAddress(hLibUser32, szPostQuitMessage);
_MessageBox := _GetProcAddress(hLibUser32, szMessageBox);
_RegisterClassEx := _GetProcAddress(hLibUser32, szRegisterClassEx);
_CreateWindowEx := _GetProcAddress(hLibUser32, szCreateWindowEx);
_DefWindowProc := _GetProcAddress(hLibUser32, szDefWindowProc);
_SetFocus := _GetProcAddress(hLibUser32, szSetFocus);
_GetWindowLong := _GetProcAddress(hLibUser32, szGetWindowLong);
_SetWindowLong := _GetProcAddress(hLibUser32, szSetWindowLong);
_GetDlgItemText := _GetProcAddress(hLibUser32, szGetDlgItemText);
_GetSystemMenu := _GetProcAddress(hLibUser32, szGetSystemMenu);
_AppendMenu := _GetProcAddress(hLibUser32, szAppendMenu);
_IsDialogMessage := _GetProcAddress(hLibUser32, szIsDialogMessage);
_GetDlgItem := _GetProcAddress(hLibUser32, szGetDlgItem);
_wsprintf := _GetProcAddress(hLibUser32, szwsprintf);
_SetWindowText := _GetProcAddress(hLibUser32, szSetWindowText);
//***获取gdi32.dll中的两个API
_CreateFontIndirect := _GetProcAddress(hLibGDI32, szCreateFontIndirect);
_DeleteObject := _GetProcAddress(hLibGDI32, szDeleteObject);
//******Win32 API操作:注册窗口类及创建窗口实例
_wc.hInstance := _GetModuleHandle(nil);
_wc.cbSize := SizeOf(WNDCLASSEX);
_wc.style := CS_HREDRAW or CS_VREDRAW;
//窗口过程,非常重要!!!
_wc.lpfnWndProc := Pointer(DWORD(@AttachWindowProc) - DWORD(@AttachStart) + AttachStart);
_wc.hbrBackground := COLOR_WINDOW;
_wc.lpszClassName := _szAppClass;
_wc.hCursor := _LoadCursor(0, IDC_ARROW);
_wc.hIcon := _LoadIcon(0, IDI_WINLOGO);
_wc.hIconSm := _wc.hIcon;
_RegisterClassEx(_wc);
aLeft := (_GetSystemMetrics(SM_CXSCREEN) - dwWndAttachWidth) div 2;
aTop := (_GetSystemMetrics(SM_CYSCREEN) - dwWndAttachHeight) div 2;
_hWndAttach := _CreateWindowEx(hWndAttachExStyle, _szAppClass, _szAppTitle, hWndAttachStyle, aLeft, aTop, dwWndAttachWidth, dwWndAttachHeight, 0, 0, _wc.hInstance, nil);
_ShowWindow(_hWndAttach, SW_SHOW);
_UpdateWindow(_hWndAttach);
//******处理消息循环
while _GetMessage(msg, 0, 0, 0) do
begin
if not _IsDialogMessage(_hWndAttach, msg) then
begin
_TranslateMessage(msg);
_DispatchMessage(msg);
end;
end;
_FreeLibrary(hLibGDI32);
_FreeLibrary(hLibUser32);
if _bCorrect = 1 then
begin
EntryPoint := _wc.hInstance + (_wc.hInstance - _ImageBase) + _EntryPoint; //============================!!!
asm
MOV EAX, EntryPoint
JMP EAX
end;
end;
_ExitProcess(0);
end;
end;
//附加段的消息循环
function AttachWindowProc(hwnd:HWND;uMsg:UINT;wParam:WPARAM;lParam:LPARAM):LRESULT;stdcall;
var
AttachData:PAttachData;
hSysMenu:HMENU;
TmpHwnd:Windows.HWND;
szPassword:array[0..MAX_PASSWORD_LENGTH-1] of Char;
begin
Result:=0;
AttachData:=Pointer(AttachStart-SizeOf(TAttachData));
with AttachData^ do
case uMsg of
WM_CREATE:
begin
//在系统菜单中添加"关於"项目
hSysMenu:=_GetSystemMenu(hwnd,False);
_AppendMenu(hSysMenu,MF_SEPARATOR,0,nil);
_AppendMenu(hSysMenu,MF_STRING,IDM_ATTACH_MENU_ABOUT,_szMenuAbout);
_hFont:=_CreateFontIndirect(_fnt);
//创建Static控件,显示还可以输入多少次密码
_hWndChanceCount:=_CreateWindowEx(0,_szClassStatic,_szChanceCount,SS_CENTER or SS_CENTERIMAGE or WS_VISIBLE or WS_CHILD,
10,32,300,22,hwnd,0,_wc.hInstance,nil);
_SendMessage(_hWndChanceCount,WM_SETFONT,_hFont,0);
_wsprintf(_szChanceCount,_szTemplate,@_nCount);
_SetWindowText(_hWndChanceCount,_szChanceCount);
//创建Static控件,显示"请输入密码:'
TmpHwnd:=_CreateWindowEx(0,_szClassStatic,_szTitlePassword,SS_RIGHT or SS_CENTERIMAGE or WS_VISIBLE or WS_CHILD,
5,10,80,22,hWnd,0,_wc.hInstance,nil);
_SendMessage(TmpHwnd,WM_SETFONT,_hFont,0);
//创建Edit控件,供用户输入密码
TmpHwnd:=_CreateWindowEx(WS_EX_STATICEDGE,_szClassEdit,nil,ES_AUTOHSCROLL or ES_PASSWORD or WS_VISIBLE or WS_TABSTOP or WS_CHILD,
90,12,205,18,hWnd,0,_wc.hInstance,nil);
_SendMessage(TmpHwnd,EM_SETLIMITTEXT,MAX_PASSWORD_LENGTH,0);
_SetWindowLong(TmpHwnd,GWL_ID,IDC_EDIT_PASSWORD);
_SetFocus(TmpHwnd);
//创建Button控件,即"确定"按钮
TmpHwnd:=_CreateWindowEx(0,_szClassButton,_szOK,BS_FLAT or BS_DEFPUSHBUTTON or WS_VISIBLE or WS_TABSTOP or WS_CHILD,
40,60,80,20,hWnd,0,_wc.hInstance,nil);
_SendMessage(TmpHwnd,WM_SETFONT,_hFont,0);
_SetWindowLong(TmpHwnd,GWL_ID,IDC_BUTTON_OK);
//创建Button控件,即"取消"按钮
TmpHwnd:=_CreateWindowEx(0,_szClassButton,_szCancel,BS_FLAT or WS_VISIBLE or WS_TABSTOP or WS_CHILD,
120,60,80,20,hWnd,0,_wc.hInstance,nil);
_SendMessage(TmpHwnd,WM_SETFONT,_hFont,0);
_SetWindowLong(TmpHwnd,GWL_ID,IDC_BUTTON_CANCEL);
//创建Button控件,即"关于 "按钮
TmpHwnd:=_CreateWindowEx(0,_szClassButton,_szAbout,BS_FLAT or WS_VISIBLE or WS_TABSTOP or WS_CHILD,
200,60,80,20,hWnd,0,_wc.hInstance,nil);
_SendMessage(TmpHwnd,WM_SETFONT,_hFont,0);
_SetWindowLong(TmpHwnd,GWL_ID,IDC_BUTTON_ABOUT);
end;
WM_COMMAND:
begin
if LOWORD(wParam)=IDC_BUTTON_OK then
begin
_GetDlgItemText(hwnd,IDC_EDIT_PASSWORD,szPassword,MAX_PASSWORD_LENGTH);
if CalcCrc32(szPassword,_lstrlen(szPassword))=_dwPasswordCrc32 then
_bCorrect:=1;
if (_bCorrect=1) or (_nCount=1) then _PostMessage(hwnd,WM_CLOSE,0,0)
else begin
_MessageBox(hwnd,_szWrongPassword,_szAppTitle,MB_OK+MB_ICONERROR);
TmpHwnd:=_GetDlgItem(hwnd,IDC_EDIT_PASSWORD);
_SetFocus(TmpHwnd);
_SendMessage(hwnd,EM_SETSEL,0,-1);
_nCount:=_nCount-1;
_wsprintf(_szChanceCount,_szTemplate,@_nCount);
_SetWindowText(_hWndChanceCount,_szChanceCount);
end;
end else if LOWORD(wParam)=IDC_BUTTON_CANCEL then
_PostMessage(hwnd,WM_CLOSE,0,0)
else
Result:=_DefWindowProc(hwnd,uMsg,wParam,lParam);
end;
WM_SYSCOMMAND:
begin
if wParam=IDM_ATTACH_MENU_ABOUT then
_MessageBox(hwnd,_szMsgAbout,_szAppTitle,MB_OK+MB_ICONINFORMATION)
else
Result:=_DefWindowProc(hwnd,uMsg,wParam,lParam);
end;
WM_CLOSE:
begin
_DeleteObject(_hFont);
Result:=_DefWindowProc(hwnd,uMsg,wParam,lParam);
end;
WM_DESTROY:
begin
_PostQuitMessage(0);
end;
else
Result:=_DefWindowProc(hwnd,uMsg,wParam,lParam);
end;
end;
function CalcCrc32(lpSource: PChar; nLength: Integer): DWORD; stdcall;
var
Crc32Table: array[0..255] of DWORD;
I, J: Integer;
crc: DWORD;
begin
//初始化CRC32表
for I := 0 to 255 do
begin
crc := I;
for J := 0 to 7 do
begin
if crc and 1 > 0 then
crc := (crc shr 1) xor $EDB88320
else
crc := crc shr 1;
end;
Crc32Table[I] := crc;
end;
//计算CRC32值
Result := 8;
for I := 0 to nLength - 1 do
Result := Crc32Table[Byte(Result xor DWORD(Ord(lpSource[I])))] xor ((Result shr 8) and $00FFFFFF);
Result := not Result;
end;
procedure AttachEnd; stdcall;
begin
end;
procedure Encrypt(Handle:HWND; LFileName:string;LPassword:string;LBackup:Boolean);
var
ImgDosHeader: IMAGE_DOS_HEADER;
ImgNtHeaders: IMAGE_NT_HEADERS;
ImgSectionHeader: IMAGE_SECTION_HEADER;
hFile: THandle;
AttachSize: DWORD;
LPointerToRawData: DWORD;
LVirtualAddress: DWORD;
BytesRead, BytesWrite: Cardinal;
I: integer; Temp: string;
begin
//先备份文件
if LBackup then CopyFile(PChar(LFileName), PChar(LFileName + '.bak'), False);
try
hFile := CreateFile(PChar(LFileName), GENERIC_READ or GENERIC_WRITE, FILE_SHARE_READ or FILE_SHARE_WRITE, nil, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, 0);
if hFile = INVALID_HANDLE_VALUE then
begin
MessageBox(Handle, '打开文件失败!', '文件', MB_ICONERROR + MB_OK);
Exit;
end;
ReadFile(hFile, ImgDosHeader, SizeOf(ImgDosHeader), BytesRead, nil); //&nBytesRead
Form1.Memo1.lines.Add('ImgDosHeader.e_magic:' + InttoHex(ImgDosHeader.e_magic, 4));
if ImgDosHeader.e_magic <> IMAGE_DOS_SIGNATURE then
begin
MessageBox(Handle, '这不是一个有效的PE文件!', '文件', MB_ICONERROR + MB_OK);
Exit;
end;
SetFilePointer(hFile, ImgDosHeader._lfanew, nil, FILE_BEGIN);
Form1.Memo1.lines.Add('ImgDosHeader._lfanew:' + InttoHex(ImgDosHeader._lfanew, 4));
ReadFile(hFile, ImgNtHeaders, SizeOf(ImgNtHeaders), BytesRead, nil);
if ImgNtHeaders.Signature <> IMAGE_NT_SIGNATURE then
begin
MessageBox(Handle, '这不是一个有效的PE文件!', '文件', MB_ICONERROR + MB_OK);
Exit;
end;
Form1.Memo1.lines.Add('入口点:' + InttoHex(ImgNtHeaders.OptionalHeader.AddressOfEntryPoint, 8));
Form1.Memo1.lines.Add('基地址:' + InttoHex(ImgNtHeaders.OptionalHeader.ImageBase, 8));
LPointerToRawData := 0;
LVirtualAddress := 0;
for I := 0 to ImgNtHeaders.FileHeader.NumberOfSections - 1 do
begin
ReadFile(hFile, ImgSectionHeader, SizeOf(ImgSectionHeader), BytesRead, nil);
Form1.StringGrid1.Cells[0, i + 1] := Pchar(@ImgSectionHeader.Name[0]);
Form1.StringGrid1.Cells[1, i + 1] := InttoHex(ImgSectionHeader.VirtualAddress, 8);
Form1.StringGrid1.Cells[2, i + 1] := InttoHex(ImgSectionHeader.SizeOfRawData, 8);
Form1.StringGrid1.Cells[3, i + 1] := InttoHex(ImgSectionHeader.Characteristics, 8);
Form1.StringGrid1.Cells[4, i + 1] := InttoHex(ImgSectionHeader.PointerToRawData, 8);
Form1.StringGrid1.Cells[5, i + 1] := InttoHex(ImgSectionHeader.Misc.VirtualSize, 8);
if PChar(@ImgSectionHeader.Name[0]) = '.LEE' then
begin
MessageBox(Handle, '呵呵, 您忘了吗? 文件已经加密了!', '文件', MB_ICONINFORMATION + MB_OK);
Exit;
end;
if LPointerToRawData < ImgSectionHeader.PointerToRawData + ImgSectionHeader.SizeOfRawData then
//在文件中的偏移 -在文件中对齐的尺寸
LPointerToRawData := ImgSectionHeader.PointerToRawData + ImgSectionHeader.SizeOfRawData;
if LVirtualAddress < ImgSectionHeader.VirtualAddress + ImgSectionHeader.Misc.VirtualSize then
LVirtualAddress := ImgSectionHeader.VirtualAddress + ImgSectionHeader.Misc.VirtualSize;
end;
//准备加入内容的长度
AttachSize := Integer(@AttachEnd) - Integer(@AttachStart); //+SizeOf(TAttachData);
Move('.LEE'#0, ImgSectionHeader.Name[0], 5); //节的内容
ImgSectionHeader.Misc.VirtualSize := AttachSize; //真实长度
ImgSectionHeader.VirtualAddress := LVirtualAddress; //RVA地址
ImgSectionHeader.SizeOfRawData := AttachSize; //在文件中对齐的尺寸
ImgSectionHeader.PointerToRawData := LPointerToRawData; //在文件中的偏移
ImgSectionHeader.PointerToRelocations := 0; //在OBJ文件中使用
ImgSectionHeader.PointerToLinenumbers := 0; //行号表的偏移
ImgSectionHeader.NumberOfRelocations := 0; //在OBJ文件中使用
ImgSectionHeader.NumberOfLinenumbers := 0; //行号表中行号的数量
//******计算新节的加载RVA (RVA必须为4096的整数倍)
if ImgSectionHeader.VirtualAddress mod 4096 > 0 then
ImgSectionHeader.VirtualAddress := (ImgSectionHeader.VirtualAddress div 4096 + 1) * 4096;
//******计算新节的PointerToRawData (为512的倍数<win2000/xp下正确加载>)
if ImgSectionHeader.PointerToRawData mod 512 > 0 then
ImgSectionHeader.PointerToRawData := (ImgSectionHeader.PointerToRawData div 512 + 1) * 512;
//******设置新节的Characteristics (code/data/execute/read/write/inited data/un-inited data)
ImgSectionHeader.Characteristics := $E00000E0;
//******写入新节信息
WriteFile(hFile, ImgSectionHeader, SizeOf(ImgSectionHeader), BytesWrite, nil);
//******修改入口地址,记得要先记录原来的哦^_^
AttachData._EntryPoint:=ImgNtHeaders.OptionalHeader.AddressOfEntryPoint;
AttachData._ImageBase:=ImgNtHeaders.OptionalHeader.ImageBase;
ImgNtHeaders.OptionalHeader.AddressOfEntryPoint:=ImgSectionHeader.VirtualAddress
+SizeOf(TAttachData)
+DWORD(@MyFun)-DWORD(@AttachStart);
//******修改镜像大小
ImgNtHeaders.OptionalHeader.SizeOfImage:=ImgNtHeaders.OptionalHeader.SizeOfImage+AttachSize;
//******保存密码
AttachData._dwPasswordCrc32:=CalcCrc32(PChar(LPassword),Length(LPassword));
//******修改节个数
Inc(ImgNtHeaders.FileHeader.NumberOfSections);
//******定位到IMAGE_NT_HEADERS
SetFilePointer(hFile,ImgDosHeader._lfanew,nil,FILE_BEGIN);
WriteFile(hFile,ImgNtHeaders,SizeOf(ImgNtHeaders),BytesWrite,nil);
//******定位到新节的起始偏移地址
SetFilePointer(hFile,ImgSectionHeader.PointerToRawData,nil,FILE_BEGIN);
//******写入AttachData
WriteFile(hFile,AttachData,SizeOf(AttachData),BytesWrite,nil);
//******写入代码
WriteFile(hFile,PByte(@AttachStart)^,Integer(@AttachEnd)-Integer(@AttachStart),BytesWrite,nil);
MessageBox(Handle,'恭喜,加密成功!','文件',MB_OK+MB_ICONINFORMATION);
finally
CloseHandle(hFile);
end;
end;
initialization
;
finalization
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -